Not acknowleding Firewall Rules?

Discussion in 'ESET Smart Security' started by Dreakon, Dec 2, 2008.

Thread Status:
Not open for further replies.
  1. Dreakon

    Dreakon Registered Member

    Joined:
    Dec 19, 2007
    Posts:
    4
    I am using ESS 3.0.672.0 with the latest virus definitions and everything of course. I normally use Policy-based mode since I like blocking everything from the internet except for what I allow. Makes sense, right?

    Well, I created rules for a few game related applications (Grand Theft Auto IV, Rockstar Social Club, etc). Obviously, in the rules, I set all the applications involved to Allow, the direction is set to Both and the Protocol is TCP & UDP. Yet the applications still cannot connect?

    Also, before this, there was a brief few hour period where even basic applications that have always worked (Mozilla Firefox) were unable to connect while the firewall was enabled. The rules were untouched, the firewall worked fine and acknowledged my rules yesterday, then today it just randomly wouldn't let apps connect and the only way I could use Firefox or AIM was to disable the firewall completely. As of 30 minutes ago or so, they started working again while the firewall was enabled... I didn't change the rules or any settings...

    What on earth is going on? I appreciate any help! :)
     
  2. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,031
    Location:
    California
    Hello,

    Is the problem still occurring?

    Regards,

    Aryeh Goretsky
     
  3. wirefly

    wirefly Registered Member

    Joined:
    Dec 25, 2008
    Posts:
    1
    I'd like to echo this; I'm also having a similar problem. I'm running SS 3.0.672.0 under XP Pro SP3.

    I installed ESET with Interactive Mode, which worked perfectly for, oh, about three months. Without provocation, however, it began prompting me for rules I knew I already had in place; after using the "Allow" and "Create" functions, I'd end up with long lists of identical rules.

    I've gotten around it until recently by changing to Automatic mode; it's not perfect, but it works okay. However, I've recently purchased a laptop, and I'm trying to share my internet connection - which, so I've read - requires Interactive mode.

    The only bit of evidence I've found that makes the least amount of sense is this: port- and zone-based rules seem to work; application-based rules don't. And in the firewall logs, I get entries like:
    Event: Communication Denied by Rule
    Source: 0.0.0.0:[port]
    Target: [target]
    Protocol: UDP
    Rule/worm name: Block all unknown outbound traffic
    Application: E:es\LainDg0\Volume2\Apps\uTorrent\utorrent.exe

    The actual location of my uTorrent app is e:\apps\utorrent\utorrent.exe, and that's the address that appears in the rules - both manually and automatically created.

    I don't know where it's getting that application address from; I can only figure it's something hidden/internal, but it looks like it's failing a simple "a == b" test.

    I'm this close to formatting XP to Vista, so it may not be important; I just wondered if anyone'd seen anything like it.

    Cheers,

    Matt
     
  4. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,031
    Location:
    California
    Hello,

    It sounds like the settings for ESET Smart Security may have become corrupted on your computer.

    Try downloading a fresh copy of ESET Smart Security v3.0.684.0, uninstalling v3.0.672.0, deleting the C:\Documents and Settings\All Users\Application Data\ESET\ESET Smart Security\ and C:\Documents and Settings\%USERNAME%\Application Data\ESET\ESET Smart Security\ directories if they still exist, then installing the new build of ESET Smart Security to resolve the issue.

    Regards,

    Aryeh Goretsky
     
Thread Status:
Not open for further replies.